最近在学习SpringBoot时一直想尝试下集成Cas,说干就干,Let us do it
step1.引入pom.xml
<dependency>
<groupId>com.gysoft.tools</groupId>
<artifactId>GY-Sso</artifactId>
<version>1.0.0</version>
</dependency>
说明:该jar包是我们内部的单点登录系统客户端的封装:比如子系统session同步,互踢等,具体可以参见https://blog.csdn.net/qq_23536449/article/category/8918191,如果你们没有封装直接用cas-client-coret即可。
step2.新建CasConfig用于配置过滤器代码如下
/**
* @author 周宁
* @Date 2019-05-24 15:28
*/
@Configuration
public class CasConfig {
@Value("${cas.server.url.prefix}")
private String casServerUrlPrefix;
@Value("${server.name}")
private String serverName;
@Value("${cas.server.login.url}")
private String casServerLoginUrl;
public String getCasServerUrlPrefix() {
return casServerUrlPrefix;
}
public void setCasServerUrlPrefix(String casServerUrlPrefix) {
this.casServerUrlPrefix = casServerUrlPrefix;
}
public String getServerName() {
return serverName;
}
public void setServerName(String serverName) {
this.serverName = serverName;
}
public String getCasServerLoginUrl() {
return casServerLoginUrl;
}
public void setCasServerLoginUrl(String casServerLoginUrl) {
this.casServerLoginUrl = casServerLoginUrl;
}
/**
* cas单点登录集成
*
* @return
*/
@Bean
public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();
listener.setEnabled(true);
listener.setListener(new SingleSignOutHttpSessionListener());
listener.setOrder(1);
return listener;
}
@Bean
public FilterRegistrationBean singleSignOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new SingleSignOutFilter());
filterRegistration.addUrlPatterns("/*");
filterRegistration.addInitParameter("casServerUrlPrefix", casServerLoginUrl);
filterRegistration.setOrder(2);
return filterRegistration;
}
@Bean
public FilterRegistrationBean sessionTimeOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new SessionTimeOutFilter());
filterRegistration.addUrlPatterns("/*");
filterRegistration.setOrder(3);
return filterRegistration;
}
@Bean
public FilterRegistrationBean kickSameUserFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new KickSameUserFilter());
filterRegistration.addUrlPatterns("/*");
filterRegistration.setOrder(4);
return filterRegistration;
}
@Bean
public FilterRegistrationBean customAuthenticationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new CustomAuthenticationFilter());
filterRegistration.addInitParameter("serverName", serverName);
filterRegistration.addInitParameter("casServerLoginUrl", casServerLoginUrl);
filterRegistration.addUrlPatterns("/*");
filterRegistration.setOrder(5);
return filterRegistration;
}
@Bean
public FilterRegistrationBean customCas30ProxyReceivingTicketValidationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new CustomCas30ProxyReceivingTicketValidationFilter());
filterRegistration.addUrlPatterns("/*");
filterRegistration.addInitParameter("serverName", serverName);
filterRegistration.addInitParameter("casServerUrlPrefix", casServerUrlPrefix);
filterRegistration.setOrder(6);
return filterRegistration;
}
@Bean
public FilterRegistrationBean assertionThreadLocalFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean(new AssertionThreadLocalFilter());
filterRegistration.addUrlPatterns("/*");
filterRegistration.setOrder(7);
return filterRegistration;
}
}
Step3.在application.properties中添加配置
cas.server.url.prefix=http://192.168.1.232:8081/cas server.name=http://192.168.3.94:8080/study/ cas.server.login.url=http://192.168.1.232:8081/cas/login
好了配置完成然后访问下http://192.168.3.94:8080/study/,可以看到系统受Cas保护了
说明:这里的拦截信息都是由我们自己封装的,如果没封装会跳转到casServer的登录页面哟~